<?php include("../includes/header-member.php") ?>
<title>LazySwim</title>
</head>


<body>
<div id="page">
    <div id="page-top">
        <div id="page-bottom">
          <div id="header">
                <div id="header-info">
                    <h1>LAZYSWIM</h1>
                    <div class="description">Simplistic Swim System</div>
                </div>
				<!-- Header Goes Here -->
                <?php printHeader(); ?>
				<!-- Header Ends Here -->
                <div id="header-date">Today is <?php echo date('l, F jS, Y'); ?></div>
                <div id="header-cats">
				<!-- Welcome Message Starts Here -->
                    <ul>
					<?php include("../../includes/welcomeBar.php"); ?>
					</ul>
				<!-- Welcome Message Ends Here -->	
                </div>
            </div>
            <div id="main">

                <div id="sidebar">
                    <div class="sidebar-box">
                    <h3>Mail</h3>
                    <ul>
                        <li class="page_item"><a href="newMessage.php">New Message</a></li>
                        <li class="page_item"><a href="inbox.php">Inbox</a></li>
                        <li class="page_item"><a href="outbox.php">Outbox</a></li>
                    </ul>
                    </div>
                    <?php
					// include the corresponding navigation page
                    include("../../includes/navigation.php");
					?>    
                </div>

            <!-- main body -->
			
			<div class="featured-post"> 
			
				<div class="post-title"><h2>View Message</h2></div>
				<div class="post-entry">
			
				<?php
				require("../includes/dbInfo.php");
				$user = $_SESSION['ls_userid'];

				$messageID = $_GET['msgID'];
				$message = mysql_query("SELECT * FROM messages WHERE messageID = '$messageID'") or die(mysql_error());
				$message = mysql_fetch_assoc($message);

				// if we have neither sent nor received the message - no view priveledges!
				if( $message['receiverID'] != $user && $message['senderID'] != $user) {
					die( "Sorry, this message does not belong to you!!");
				}

				// if the message was UNREAD set it to READ only if it is the receiver
				if( $message['readStatus'] == "UNREAD" && $message['receiverID'] == $user) {
					mysql_query("UPDATE messages SET readStatus = 'READ' WHERE messageID = '$messageID'") 
						or die (mysql_error());
				}

				// fetch the sender for each message
				$sender_sql = mysql_query("SELECT name from accounts where userID = '$message[senderID]'") 
					or die(mysql_error()); 
				$sender = mysql_fetch_row($sender_sql);
				// and the recipiant
				$receiver_sql = mysql_query("SELECT name from accounts where userID = '$message[receiverID]'") 
					or die(mysql_error()); 
				$receiver = mysql_fetch_row($receiver_sql);


				echo "<table>";
				echo "<tr><td><b>Date:</b></td><td>" . $message['timestamp'] . "</td></tr>";
				echo "<tr><td><b>From:</b></td><td>" . $sender[0] . "</td></tr>";
				echo "<tr><td><b>To:</b></td><td>" . $receiver[0] . "</td></tr>";
				echo "<tr><td><b>Subject:</b></td><td>" . $message['subject'] . "</td></tr>";
				echo "</table>";
				echo "<br><textarea cols=70 rows=10 readonly=\"readonly\"> " . $message['message'] . "</textarea>";
				?>
				
				<p><a href="inbox.php">Back to inbox</a></p>
				
				</div>
			</div>
			
            <div class="clear"></div>

            </div>
			<!-- Footer Goes Here -->
            <?php include("../../includes/footer.php"); ?>
			<!-- Footer Ends Here -->
        </div>
    </div>
</div>
</body>
</html>